Audit: remove unused audit_log_secctx function

The function audit_log_secctx() is unused in the upstream kernel. All it does is wrap another function that doesn't need wrapping. It claims to give you the SELinux context, but that is not true if you are using a different security module. Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> Reviewed-by: James Morris <james.l.morris@oracle.com> Signed-off-by: Paul Moore <paul@paul-moore.com>
author: Casey Schaufler <casey@schaufler-ca.com> 2017-10-24 21:52:31 -0400
committer: Paul Moore <paul@paul-moore.com> 2017-11-10 16:08:47 -0500
commit: f7b53637c090bd8ce2dc74ad0f3aa1898aff2524 (patch)
tree: 560bfa9d9604d356144f9fcbc8112e699d59d328
parent: 33e8a907804428109ce1d12301c3365d619cc4df (diff)
2 files changed, 0 insertions, 34 deletions
diff --git a/include/linux/audit.h b/include/linux/audit.h
index 2150bdccfbab..fa1b068d911d 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -149,12 +149,6 @@ extern void		    audit_log_key(struct audit_buffer *ab,
 extern void                 audit_log_link_denied(const char *operation,
                                                  const struct path *link);
 extern void                 audit_log_lost(const char *message);
-#ifdef CONFIG_SECURITY
-extern void                 audit_log_secctx(struct audit_buffer *ab, u32 secid);
-#else
-static inline void          audit_log_secctx(struct audit_buffer *ab, u32 secid)
-{ }
-#endif
 extern int audit_log_task_context(struct audit_buffer *ab);
 extern void audit_log_task_info(struct audit_buffer *ab,
@@ -203,8 +197,6 @@ static inline void audit_log_key(struct audit_buffer *ab, char *key)
 static inline void audit_log_link_denied(const char *string,
                                         const struct path *link)
 { }
-static inline void audit_log_secctx(struct audit_buffer *ab, u32 secid)
-{ }
 static inline int audit_log_task_context(struct audit_buffer *ab)
 {
        return 0;
diff --git a/kernel/audit.c b/kernel/audit.c
index 64e1d0ec19de..227db99b0f19 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -2345,32 +2345,6 @@ void audit_log(struct audit_context *ctx, gfp_t gfp_mask, int type,
        }
 }
-#ifdef CONFIG_SECURITY
-/**
- * audit_log_secctx - Converts and logs SELinux context
- * @ab: audit_buffer
- * @secid: security number
- *
- * This is a helper function that calls security_secid_to_secctx to convert
- * secid to secctx and then adds the (converted) SELinux context to the audit
- * log by calling audit_log_format, thus also preventing leak of internal secid
- * to userspace. If secid cannot be converted audit_panic is called.
- */
-void audit_log_secctx(struct audit_buffer *ab, u32 secid)
-{
-        u32 len;
-        char *secctx;
-        if (security_secid_to_secctx(secid, &secctx, &len)) {
-                audit_panic("Cannot convert secid to context");
-        } else {
-                audit_log_format(ab, " obj=%s", secctx);
-                security_release_secctx(secctx, len);
-        }
-}
-EXPORT_SYMBOL(audit_log_secctx);
-#endif
 EXPORT_SYMBOL(audit_log_start);
 EXPORT_SYMBOL(audit_log_end);
 EXPORT_SYMBOL(audit_log_format);
author	Casey Schaufler <casey@schaufler-ca.com>	2017-10-24 21:52:31 -0400
committer	Paul Moore <paul@paul-moore.com>	2017-11-10 16:08:47 -0500
commit	f7b53637c090bd8ce2dc74ad0f3aa1898aff2524 (patch)
tree	560bfa9d9604d356144f9fcbc8112e699d59d328
parent	33e8a907804428109ce1d12301c3365d619cc4df (diff)

diff --git a/include/linux/audit.h b/include/linux/audit.h index 2150bdccfbab..fa1b068d911d 100644 --- a/include/linux/audit.h +++ b/include/linux/audit.h
@@ -149,12 +149,6 @@ extern void audit_log_key(struct audit_buffer *ab,
149	extern void audit_log_link_denied(const char *operation,	149	extern void audit_log_link_denied(const char *operation,
150	const struct path *link);	150	const struct path *link);
151	extern void audit_log_lost(const char *message);	151	extern void audit_log_lost(const char *message);
152	#ifdef CONFIG_SECURITY
153	extern void audit_log_secctx(struct audit_buffer *ab, u32 secid);
154	#else
155	static inline void audit_log_secctx(struct audit_buffer *ab, u32 secid)
156	{ }
157	#endif
158		152
159	extern int audit_log_task_context(struct audit_buffer *ab);	153	extern int audit_log_task_context(struct audit_buffer *ab);
160	extern void audit_log_task_info(struct audit_buffer *ab,	154	extern void audit_log_task_info(struct audit_buffer *ab,
@@ -203,8 +197,6 @@ static inline void audit_log_key(struct audit_buffer ab, char key)
203	static inline void audit_log_link_denied(const char *string,	197	static inline void audit_log_link_denied(const char *string,
204	const struct path *link)	198	const struct path *link)
205	{ }	199	{ }
206	static inline void audit_log_secctx(struct audit_buffer *ab, u32 secid)
207	{ }
208	static inline int audit_log_task_context(struct audit_buffer *ab)	200	static inline int audit_log_task_context(struct audit_buffer *ab)
209	{	201	{
210	return 0;	202	return 0;


diff --git a/kernel/audit.c b/kernel/audit.c index 64e1d0ec19de..227db99b0f19 100644 --- a/kernel/audit.c +++ b/kernel/audit.c
@@ -2345,32 +2345,6 @@ void audit_log(struct audit_context *ctx, gfp_t gfp_mask, int type,
2345	}	2345	}
2346	}	2346	}
2347		2347
2348	#ifdef CONFIG_SECURITY
2349	/**
2350	* audit_log_secctx - Converts and logs SELinux context
2351	* @ab: audit_buffer
2352	* @secid: security number
2353	*
2354	* This is a helper function that calls security_secid_to_secctx to convert
2355	* secid to secctx and then adds the (converted) SELinux context to the audit
2356	* log by calling audit_log_format, thus also preventing leak of internal secid
2357	* to userspace. If secid cannot be converted audit_panic is called.
2358	*/
2359	void audit_log_secctx(struct audit_buffer *ab, u32 secid)
2360	{
2361	u32 len;
2362	char *secctx;
2363
2364	if (security_secid_to_secctx(secid, &secctx, &len)) {
2365	audit_panic("Cannot convert secid to context");
2366	} else {
2367	audit_log_format(ab, " obj=%s", secctx);
2368	security_release_secctx(secctx, len);
2369	}
2370	}
2371	EXPORT_SYMBOL(audit_log_secctx);
2372	#endif
2373
2374	EXPORT_SYMBOL(audit_log_start);	2348	EXPORT_SYMBOL(audit_log_start);
2375	EXPORT_SYMBOL(audit_log_end);	2349	EXPORT_SYMBOL(audit_log_end);
2376	EXPORT_SYMBOL(audit_log_format);	2350	EXPORT_SYMBOL(audit_log_format);